def delete_company(id):
'''删除公司'''
company = Company.objects.filter(id=id).first_or_404()
if UserModel.get(company_id=company.id):
raise ForbiddenException(msg='该公司下存在员工,不可删除')
company.delete()
return Success(error_code=2)
def delete_one(category_id):
'''删除设备类型/n/t
如果设备已经绑定了该类型,无法删除'''
device_category = DeviceCategory.get_or_404(id=category_id)
if DeviceModel.get(category_id=category_id):
raise ForbiddenException(msg='该类别下存在设备,不可删除')
device_category.delete()
return Success(error_code=2)
def delete_group(id):
'''删除权限组'''
group = GroupModel.get_or_404(id=id, msg='分组不存在,删除失败')
if UserModel.get(group_id=id):
raise ForbiddenException(msg='分组下存在用户,不可删除')
# 删除group拥有的权限
AuthModel.objects.filter(group_id=id).delete()
group.delete()
return Success()
def verify_auth_token(token):
s = Serializer(current_app.config['SECRET_KEY'])
try:
data = s.loads(token)
except BadSignature:
raise AuthFailed(msg='token is invalid', error_code=1002)
except SignatureExpired:
raise AuthFailed(msg='token is expired', error_code=1003)
uid = data['uid']
ac_type = data['type']
scope = data['scope']
allow = is_in_scope(scope, request.endpoint)
if not allow:
raise ForbiddenException()
return User(uid, ac_type, scope)
def verify_auth_token(token):
s = Serializer(current_app.config['SECRET_KEY'])
try:
data = s.loads(token) # token在请求头
except BadSignature:
raise AuthFailed(msg='token 无效', error_code=1002)
except SignatureExpired:
raise AuthFailed(msg='token 过期', error_code=1003)
uid = data['uid'] # 用户ID
ac_type = data['type'] # 登录方式
scope = data['scope'] # 权限
# 可以获取要访问的视图函数
allow = is_in_scope(scope, request.endpoint)
if not allow:
raise ForbiddenException(msg='权限不足(等级:{}),禁止访问'.format(scope))
return UserTuple(uid, ac_type, scope)